Mastering Instagram API: How to Get Instagram Access Token


The Instagram access token is a pivotal tool for developers, granting permission to interact with specific parts of the Instagram API and enabling the integration of Instagram’s social feed on websites. With the introduction of the Instagram Basic Display API and the more sophisticated Instagram Graph API, developers now have enhanced access to Instagram’s features, making it crucial to know how to get an Instagram access token for effective app integration.

Securing an Instagram access token is an essential step for developers aiming to link their applications or services with Instagram, providing the ability to share images on platforms like WordPress and leverage Instagram for social selling efforts. This article guides us through the process of obtaining the access token, from signing up for a developer account on Instagram to creating a new application and using the Instagram token, ensuring a seamless integration with the Instagram plugin.

Signing Up for a Developer Account on Instagram

To get started with integrating Instagram features into your application or website, the initial step involves setting up a Developer Account on Instagram. Here’s how to navigate this process:

  1. Create a Facebook Developer Account: Since Instagram is owned by Facebook, you’ll need a Facebook Developer Account. Visit, click on My Apps, and select the option to create a new app.
  2. Select App Type: Choose either Consumer or None as the app type. This selection is crucial for determining the kind of access you’ll have.
  3. Configure Your App:
    • Navigate to Settings > Basic, scroll down, and click on Add Platform.
    • Select Website as the platform, enter your website’s URL, and save the changes. This step ensures that your app is linked to your website.
    • Click on Products, find the Instagram Basic Display product, and click Set Up to add Instagram features to your app.
  4. Complete the App Setup:
    • Fill in the necessary details such as the name of the Facebook app you just created, and your website’s URL for both the Deauthorize Callback URL and Data Deletion Request Callback URL.
    • You can skip the App Review section for now.
  5. Add Testers:
    • Go to Roles > Roles and add your Instagram account as a tester to ensure everything works smoothly.
    • Accept the invitation on your Instagram account to proceed.

This process lays the groundwork for obtaining an Instagram access token, enabling developers and content creators to leverage Instagram’s vast social media functionalities for their platforms.

Creating a New Application

After setting up a Developer Account on Instagram, the next crucial step is creating a new application. This process is foundational for acquiring an Instagram access token, enabling app users to integrate Instagram’s functionalities into their applications or websites. Here’s a detailed walkthrough:

  1. Register Your Application:
    • Visit the Meta for Developers site and click on “Create App”.
    • Choose the “Business” category, and provide a name and a valid contact email. Look for the Instagram Graph API and add it to your app.
  2. Configure Your Application:
    • Under ‘Settings’ > ‘Basic’, fill in your ‘App Domains’, ‘Privacy Policy URL’, and the ‘Website’ where your app will be hosted.
    • Add an app icon and select a category that best describes your application.
    • Important fields like ‘Display Name’, ‘Valid OAuth Redirect URIs’, ‘Deauthorize Callback URL’, and ‘Data Deletion Request Callback URL’ should be filled with the respective information, primarily your website’s URL.
  3. Set Up Instagram Basic Display & Add Testers:
    • Navigate to “Products”, find the “Instagram Basic Display” product, and click on “Set Up” to integrate Instagram features.
    • In the “Roles” > “Roles” section, add your Instagram account as a tester by clicking on “Add Instagram Testers” and entering your Instagram username. Accept the invitation through your Instagram account to proceed.

By meticulously following these steps, developers can successfully create a new application tailored for Instagram access, paving the way to generate the Instagram access token necessary for app integration and social media enhancements.

Adding Instagram Basic Display & Generating Access Token

After successfully creating a new application and setting up Instagram Basic Display, the next crucial step is generating the Instagram access token. This token is essential for app users to interact with Instagram features within their applications or websites. Here’s how to navigate this process:

  1. Configure Instagram Basic Display:
    • Click ‘Set Up’ under Instagram Basic Display and select ‘Instagram Basic Display’.
    • Scroll to the bottom and click the ‘Create New App’ button.
  2. Add an Instagram Tester:
    • In the Basic Display section, locate ‘Add or Remove Instagram Testers’.
    • Add the Instagram User ID (IG username) you wish to add as an Instagram Tester.
    • Log into the Instagram profile of the added username, navigate to Settings > Apps and Websites, click on the Tester Invites tab, and accept the invitation.
  3. Generate the Access Token:
    • Return to the Facebook Developers dashboard, find your app, and go to Basic Display.
    • Scroll to the ‘User Token Generator Section’ and click ‘Generate Token’.
    • Copy the Access Token from the pop-up window.

To convert the authorization code into a short-lived access token, follow these additional steps:

  • Make a POST request to with parameters: client_id, client_secret, grant_type set to ‘authorization_code’, redirect_uri, and the code received earlier.
  • If successful, Instagram redirects to your redirect_uri with an Authorization Code.
  • Upon receiving a 400 error indicating “Matching code was not found or was already used”, use Postman with the x-www-form-urlencoded option enabled to make the POST request again.

This methodical approach ensures a smooth process for obtaining an Instagram access token, enabling seamless integration of Instagram functionalities into your application or website.

Securing and Using Your Instagram Access Token

Securing your Instagram access token is crucial to ensure that your application or website remains safe and that your access to Instagram’s features is not compromised. Here are some best practices to follow:

  • Account Security Measures:
    • Enable two-factor authentication for added security.
    • Use a strong, unique password and change it regularly, especially if prompted by Instagram.
    • Secure your email account linked to Instagram.
    • Be cautious with third-party apps; only authorize those you trust.
    • If unusual activity is detected, report it immediately.
    • Regularly update yourself on Instagram’s security measures.
  • Handling the Instagram Access Token:
    • Never share your password or access token with untrusted entities.
    • Log out from shared computers and avoid selecting ‘Remember me’.
    • Download your data for backup purposes and regularly monitor token validity.
    • If compromised, promptly generate a new token via the Instagram Developer Dashboard [1].
    • Save the access token securely and delete it upon user logout.
    • Utilize TLS and OAuth2 for secure sign-on and API key access.
  • API and Token Management:
    • Implement request-level authorization to control access to resources.
    • Offer different access levels based on user needs and API key usage.
    • Use trusted libraries to minimize implementation errors.
    • Understand that Instagram access tokens typically last about 60 days and require periodic refreshing.
    • In case of expiration due to policy changes, promptly refresh the token to maintain access.


Through this article, we’ve demystified the process of obtaining an Instagram access token, a critical component for developers and creators aiming to integrate Instagram’s extensive social media functionalities into their applications or websites. We covered everything from the initial steps of setting up a developer account on Instagram, and creating a new application, to securing and utilizing your Instagram access token responsibly. This journey not only equips you with the technical know-how but also emphasizes the importance of security measures to protect your access and the integrity of your application.

The implications of integrating Instagram functionalities into your platforms are profound, offering a direct pipeline to Instagram’s vast and engaged user base for content sharing and social selling. With the Instagram access token serving as the gateway, developers are empowered to create more dynamic and interactive experiences that leverage the visual appeal of Instagram. As we move forward, it will be crucial to stay abreast of updates to Instagram’s API and security practices, ensuring ongoing compatibility and security for your applications.


How can I obtain my Instagram API access token?
To get your Instagram API access token, follow these steps:

  1. Create a Facebook App.
  2. Build Instagram Basic Display.
  3. Add an Instagram test user.
  4. Authenticate the Test User.
  5. Exchange the code you received for an Instagram access token.
  6. Query the User Node.

What is the process to acquire an API key for Instagram?
To acquire an API key for Instagram:

  1. Navigate to the “App and Sites” section in your settings.
  2. Locate and accept your app.
  3. Return to the Facebook developer panel to start the creation of an Instagram token access.
  4. In the Basic Display section, open the “User Token Generator” and select Generate Token.
  5. Authorize the action through Instagram to receive your Instagram API key.

How can I get a short-lived access token for Instagram?
To get a short-lived access token for Instagram, you need to integrate the Authorization Window into your app. Once a user authenticates their identity through this window, Instagram will redirect them to your app with an Authorization Code. You can then exchange this code for a short-lived access token.

What steps should I take to authorize my Instagram account?
To authorize your Instagram account, you should enable two-factor authentication by following these steps:

  1. Tap on your profile picture to go to your profile.
  2. Tap on the top right corner, then select Settings and Privacy.
  3. Choose Security, then Two-factor authentication.
  4. Tap on Get Started at the bottom to begin the setup process.


Please enter your comment!
Please enter your name here